Commit graph

24 commits

Author SHA1 Message Date
RPRX beb603af06 Allow IP address ServerName when "serverName" is not configured
In this case, TLS Client Hello will not have SNI (RFC 6066, Section 3)
2023-03-26 10:57:20 +00:00
Yue Yin 03b8c094de Support SPKI Fingerprint Pinning
Support SPKI Fingerprint Pinning for TLSObject
2023-02-24 11:47:00 -05:00
yuhan6665 acb81ebe3d
Verify peer cert function for better man in the middle prevention (#746)
* verify peer cert function for better man in the middle prevention

* publish cert chain hash generation algorithm

* added calculation of certificate hash as separate command and tlsping, use base64 to represent fingerprint to align with jsonPb

* apply coding style

* added test case for pinned certificates

* refactored cert pin

* pinned cert test

* added json loading of the PinnedPeerCertificateChainSha256

* removed tool to prepare for v5

* Add server cert pinning for Xtls

Change command "xray tls certChainHash" to xray style

Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-22 12:38:40 +08:00
yuhan6665 e286cdcaa8
Style: format code by gofumpt (#761) 2021-10-20 00:57:14 +08:00
WeidiDeng b0b2aaa70c
Fixed refresh error when multiple certificates exist (#663)
* Fix when there are multiple certs, after refresh from file all will be the same as the last.
2021-09-18 03:48:22 +08:00
Arthur Morgan 7a9e72b133
Merge pull request #589 from bhoppi/main
Fix: new cert issuing is incorrectly delayed
2021-09-08 00:50:32 +08:00
Bhoppi Chaw 2220411644 fix new cert issuing is incorrectly delayed 2021-06-05 23:32:05 +08:00
hmol233 e8a8465220
Fix reject unknown sni with single cert 2021-05-10 00:28:40 +08:00
hmol233 1f92b948c0
Fix errNoCertificates 2021-05-10 00:11:45 +08:00
hmol233 53b99efe78
Add: reject unknown SNI
Co-Authored-By: 玖柒Max <60207794+jiuqi9997@users.noreply.github.com>
2021-05-09 23:47:21 +08:00
RPRX 4bf8b6d89c
Fix uTLS fingerprints support
Thank @HirbodBehnam https://github.com/XTLS/Xray-core/issues/461
2021-04-01 09:15:18 +00:00
RPRX 8b9c0ae593
Enable (X)TLS hot reloading by default (#281)
Super BiuBiu
2021-02-20 02:15:57 +00:00
eMeab 81d993158f
Support hot reloading of certificate and key files (#225) 2021-02-12 15:33:19 +00:00
eMeab c13b8ec9bb
Fix OCSP Stapling (#172)
Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>
2021-01-30 23:17:07 +00:00
RPRX 7df135a5c4
Disable session resumption by default
https://github.com/v2fly/v2ray-core/issues/557#issuecomment-751962569
2021-01-01 11:33:09 +00:00
RPRX a78db47571
Adjust OCSP Stapling 2020-12-25 15:10:12 +00:00
eMeab 3d7e86efba
Add OCSP Stapling for TLS & XTLS (#92) 2020-12-25 08:01:20 +00:00
RPRX ff9bb2d8df
Optimize cipherSuites setting loader 2020-12-17 09:25:30 +00:00
RPRX 38faac5ffc
Adjust config loader of TLS & XTLS 2020-12-16 15:59:04 +00:00
eMeab 88dfed931b
Add cipherSuites setting for TLS & XTLS (#78) 2020-12-16 12:53:55 +00:00
eMeab dab978749c
Add minVersion setting for TLS & XTLS (#77) 2020-12-16 05:20:24 +00:00
RPRX f8faf3c8b8 Removal: confonly 2020-12-11 13:05:29 +08:00
RPRX 16544c18ab v1.1.0 2020-12-04 09:36:16 +08:00
RPRX c7f7c08ead v1.0.0 2020-11-25 19:01:53 +08:00